public inbox for libc-announce@sourceware.org
 help / color / mirror / Atom feed
From: Carlos O'Donell <carlos@redhat.com>
To: libc-announce@sourceware.org
Subject: The GNU C Library has been authorized by the CVE Program as a CVE Numbering Authority (CNA)
Date: Wed, 7 Feb 2024 13:41:45 -0500	[thread overview]
Message-ID: <ff6ff6fd-b3a6-48e5-8676-36d38278aac5@redhat.com> (raw)

The GNU C Library (glibc) is a key part of the trusted foundation
in a secure and high-quality software supply chain and is used
by the GNU Toolchain, the GNU system, and many of the GNU/Linux
systems today.

In an ongoing effort to improve security, the project has been
authorized by the CVE Program as a CVE Numbering Authority (CNA):
https://www.cve.org/Media/News/item/news/2024/02/06/GNU-C-Library-Added-as-CNA

As a CNA the glibc security team will be working to improve the
quality and response time of security advisories and mitigations.

Over the coming months, the glibc security team will define the
process for the CNA and establish best practices that can also
be used by the rest of the GNU Toolchain.

To receive notifications of new advisories please subscribe to the
glibc announcement mailing list (libc-announce):
https://sourceware.org/mailman/listinfo/libc-announce

Advisories are published directly into the glibc git repository:
https://sourceware.org/git/?p=glibc.git;a=tree;f=advisories;hb=HEAD

For more information please see the project security documentation:
https://sourceware.org/glibc/security.html


                 reply	other threads:[~2024-02-07 18:41 UTC|newest]

Thread overview: [no followups] expand[flat|nested]  mbox.gz  Atom feed

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=ff6ff6fd-b3a6-48e5-8676-36d38278aac5@redhat.com \
    --to=carlos@redhat.com \
    --cc=libc-announce@sourceware.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).